CISSP : Certified Information Systems Security Professional: Study Guide.
Title:
CISSP : Certified Information Systems Security Professional: Study Guide.
Author:
Stewart, James M.
ISBN:
9780470395912
Personal Author:
Edition:
4th ed.
Physical Description:
1 online resource (893 pages)
Contents:
CISSP Certified Information Systems Security Professional Study Guide, Fourth Edition -- Acknowledgments -- About the Authors -- Contents at a Glance -- Contents -- Introduction -- Assessment Test -- Answers to Assessment Test -- Chapter 1: Accountability and Access Control -- Access Control Overview -- Identification and Authentication Techniques -- Access Control Techniques -- Access Control Methodologies and Implementation -- Access Control Administration -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 2: Attacks and Monitoring -- Monitoring -- Intrusion Detection -- IDS-Related Tools -- Penetration Testing -- Methods of Attack -- Access Control Compensations -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 3: ISO Model, Protocols, Network Security, and Network Infrastructure -- OSI Model -- Communications and Network Security -- Internet/Intranet/Extranet Components -- Remote Access Security Management -- Network and Protocol Security Mechanisms -- Avoiding Single Points of Failure -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 4: Communications Security and Countermeasures -- Virtual Private Network (VPN) -- Network Address Translation -- Switching Technologies -- WAN Technologies -- Miscellaneous Security Control Characteristics -- Managing Email Security -- Securing Voice Communications -- Security Boundaries -- Network Attacks and Countermeasures -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 5: Security Management Concepts and Principles -- Security Management Concepts and Principles -- Protection Mechanisms -- Change Control/Management.

Data Classification -- Planning to Plan -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 6: Asset Value, Policies, and Roles -- Employment Policies and Practices -- Security Roles -- Security Management Planning -- Policies, Standards, Baselines, Guidelines, and Procedures -- Risk Management -- Security Awareness Training -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 7: Data and Application Security Issues -- Application Issues -- Databases and Data Warehousing -- Data/Information Storage -- Knowledge-Based Systems -- Systems Development Controls -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 8: Malicious Code and Application Attacks -- Malicious Code -- Password Attacks -- Denial-of-Service Attacks -- Application Attacks -- Web Application Security -- Reconnaissance Attacks -- Masquerading Attacks -- Decoy Techniques -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 9: Cryptography and Private Key Algorithms -- Historical Milestones in Cryptography -- Cryptographic Basics -- Modern Cryptography -- Symmetric Cryptography -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 10: PKI and Cryptographic Applications -- Asymmetric Cryptography -- Hash Functions -- Digital Signatures -- Public Key Infrastructure -- Applied Cryptography -- Cryptographic Attacks -- Summary -- Exam Essentials -- Written Labs -- Answers to Written Labs -- Review Questions -- Answers to Review Questions -- Chapter 11: Principles of Computer Design.

Computer Architecture -- Security Protection Mechanisms -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 12: Principles of Security Models -- Security Models -- Objects and Subjects -- Understanding System Security Evaluation -- Common Flaws and Security Issues -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 13: Administrative Management -- Operations Security Concepts -- Personnel Controls -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 14: Auditing and Monitoring -- Auditing -- Monitoring -- Penetration-Testing Techniques -- Inappropriate Activities -- Indistinct Threats and Countermeasures -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 15: Business Continuity Planning -- Business Continuity Planning -- Project Scope and Planning -- Business Impact Assessment -- Continuity Planning -- BCP Documentation -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 16: Disaster Recovery Planning -- The Nature of Disaster -- Recovery Strategy -- Recovery Plan Development -- Training and Documentation -- Testing and Maintenance -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 17: Law and Investigations -- Categories of Laws -- Laws -- Investigations -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 18: Incidents and Ethics -- Major Categories of Computer Crime -- Incident Handling.

Ethics -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Chapter 19: Physical Security Requirements -- Facility Requirements -- Forms of Physical Access Controls -- Technical Controls -- Environment and Life Safety -- Equipment Failure -- Summary -- Exam Essentials -- Written Lab -- Answers to Written Lab -- Review Questions -- Answers to Review Questions -- Appendix: About the Companion CD -- What You'll Find on the CD -- System Requirements -- Using the CD -- Troubleshooting -- Glossary -- Index.
Abstract:
Building on the popular Sybex Study Guide approach, CISSP: Certified Information Systems Security Professional Study Guide, 4th Edition provides 100% coverage of the CISSP Body of Knowledge exam objectives. Find clear and concise information on crucial security topics, practical examples and insights drawn from real-world experience, and cutting-edge exam preparation software, including two full-length bonus exams and electronic flashcards. Prepare yourself by reviewing the key exam topics, including access control, application security, business continuity and disaster recovery planning, cryptography, information security and risk management, security architecture and design, and telecommunications and network security.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.